Bugs item #3401668, was opened at 2011-08-31 18:26
Message generated for change (Comment added) made by bogdan_iancu
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=3401668&group_id=232389
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: 1.7.x
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Muhammad Shahzad (shari_786pk)
Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: sigfault in presence module due mix_dialog_presence flag
Initial Comment:
Enabling "mix_dialog_presence=1" in presence module causes random crash. Core
dump of each crash shows sigfault that happens only when using a specific
version of Eyebeam. So, it may be a bug in Eyebeam instead of opensips. Anyhow,
here is the BT.
Core was generated by `/usr/local/sbin/opensips -P /var/run/opensips.pid -m 512
-u root -g root'.
Program terminated with signal 11, Segmentation fault.
#0 0xb6fdc1ad in get_presence_from_dialog (pres_uri=0xbff1af50,
uri=0xbff1ad9c, hash_code=2590) at notify.c:861
/usr/src/svn-src/opensips-1.7.0-tls/modules/presence/notify.c:861:20235:beg:0xb6fdc1ad
(gdb) bt
#0 0xb6fdc1ad in get_presence_from_dialog (pres_uri=0xbff1af50,
uri=0xbff1ad9c, hash_code=2590) at notify.c:861
#1 0xb6fdf9e9 in get_p_notify_body (pres_uri=..., event=0x9719d8c4, etag=0x0,
publ_body=0x0, contact=0xbff1b230, dbody=0x0, extra_hdrs=0xbff1b058,
free_fct=0xbff1b074) at notify.c:985
#2 0xb6fe22f9 in send_notify_request (subs=0xbff1b1d8, watcher_subs=0x0,
n_body=0x0, force_null_body=0, extra_hdrs=0x0) at notify.c:1916
#3 0xb6fe37ab in notify (subs=0xbff1b1d8, watcher_subs=0x0, n_body=0x0,
force_null_body=0, extra_hdrs=0x0) at notify.c:2094
#4 0xb700149d in update_subscription (msg=0x826e79c, subs=0xbff1b1d8,
init_req=1) at subscribe.c:451
#5 0xb7001e9a in handle_subscribe (msg=0x826e79c, force_active_param=0x0,
str2=0x0) at subscribe.c:659
#6 0x080599b2 in do_action (a=0x820569c, msg=0x970ee8e0) at action.c:1280
#7 0x08058139 in run_action_list (a=0x820569c, msg=0x826e79c) at action.c:141
#8 0x0805c02b in do_action (a=0x8205708, msg=0x826e79c) at action.c:847
#9 0x08058139 in run_action_list (a=0x8205708, msg=0x826e79c) at action.c:141
#10 0x0805ca5b in do_action (a=0x8205774, msg=0x826e79c) at action.c:853
#11 0x08058139 in run_action_list (a=0x82050f4, msg=0x826e79c) at action.c:141
#12 0x0805c02b in do_action (a=0x820584c, msg=0x826e79c) at action.c:847
#13 0x08058139 in run_action_list (a=0x81fdbac, msg=0x826e79c) at action.c:141
#14 0x0805dc40 in run_actions (a=0x81fdbac, msg=0x826e79c) at action.c:121
#15 run_top_route (a=0x81fdbac, msg=0x826e79c) at action.c:182
#16 0x080a38ce in receive_msg (
buf=0x81cf480 "SUBSCRIBE sip:13107350...@rtsip.vopium.com SIP/2.0\r\nVia:
SIP/2.0/UDP
203.215.176.22:41166;branch=z9hG4bK-d8754z-ff02150196589f0a-1---d8754z-;rport\r\nMax-Forwards:
69\r\nContact: <sip:923214032232@203.215"..., len=678, rcv_info=0xbff1c118) at
receive.c:165
#17 0x080f91b6 in udp_rcv_loop () at udp_server.c:419
#18 0x08074662 in main_loop (argc=9, argv=0xbff1c2c4) at main.c:885
#19 main (argc=9, argv=0xbff1c2c4) at main.c:1503
The user-agent string of Eyebeam i have that causes these crashes (so far 4),
is "eyeBeam release 1101l stamp 49847",
I also have memdump available if you need it.
----------------------------------------------------------------------
>Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2011-09-01 22:37
Message:
Just to know in what direction to go with the troubleshooting - can you
reproduce this crash?
Regards,
Bogdan
----------------------------------------------------------------------
Comment By: Muhammad Shahzad (shari_786pk)
Date: 2011-09-01 17:48
Message:
Thanks for explaining. I checked all 4 core dumps and they all give exact
same error for last two commands. Here it is,
Core was generated by `/usr/local/sbin/opensips -P /var/run/opensips.pid
-m 512 -u root -g root'.
Program terminated with signal 11, Segmentation fault.
#0 0xb701c1ad in get_presence_from_dialog (pres_uri=0xbf8bb4b0,
uri=0xbf8bb2fc, hash_code=2590) at notify.c:861
��/usr/src/svn-src/opensips-1.7.0-tls/modules/presence/notify.c:861:20235:beg:0xb701c1ad
(gdb) frame 0
#0 0xb701c1ad in get_presence_from_dialog (pres_uri=0xbf8bb4b0,
uri=0xbf8bb2fc, hash_code=2590) at notify.c:861
��/usr/src/svn-src/opensips-1.7.0-tls/modules/presence/notify.c:861:20235:beg:0xb701c1ad
(gdb) print dialog_event_p
$1 = (pres_ev_t **) 0x97094844
(gdb) print *dialog_event_p
$2 = (pres_ev_t *) 0x6
(gdb) print (*dialog_event_p)->evp
Cannot access memory at address 0xe
(gdb) print (*dialog_event_p)->evp->parsed
Cannot access memory at address 0xe
Thank you.
----------------------------------------------------------------------
Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2011-09-01 16:11
Message:
in gdb command line, just do:
frame 0
print dialog_event_p
print *dialog_event_p
print (*dialog_event_p)->evp
print (*dialog_event_p)->evp->parsed
Thanks,
Bogdan
----------------------------------------------------------------------
Comment By: Muhammad Shahzad (shari_786pk)
Date: 2011-09-01 15:50
Message:
humm, not sure how to do that? I am attaching BT FULL in file here for
further reference. I do see "Address 0xXXXX out of bounds" at a number of
places in it.
----------------------------------------------------------------------
Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2011-09-01 13:52
Message:
Hi,
In frame 0, please print the following values:
dialog_event_p
*dialog_event_p
(*dialog_event_p)->evp
(*dialog_event_p)->evp->parsed
Thanks and regards,
Bogdan
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=3401668&group_id=232389
_______________________________________________
Devel mailing list
Devel@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
